From db61f74b62d1d6ed07f029146c27233d8cb013fc Mon Sep 17 00:00:00 2001
From: levlam <levlam@telegram.org>
Date: Sat, 29 Jun 2024 17:14:02 +0300
Subject: [PATCH] Add cloud_project_number to
 updateApplicationVerificationRequired.

---
 td/generate/scheme/td_api.tl         |  7 ++++---
 td/telegram/net/NetQueryVerifier.cpp | 23 ++++++++++++++++++++---
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/td/generate/scheme/td_api.tl b/td/generate/scheme/td_api.tl
index b3c0a5a0c..77dafc0b8 100644
--- a/td/generate/scheme/td_api.tl
+++ b/td/generate/scheme/td_api.tl
@@ -177,7 +177,7 @@ authorizationStateClosed = AuthorizationState;
 //@description Device verification must be performed with the SafetyNet Attestation API @nonce Nonce to pass to the SafetyNet Attestation API
 firebaseDeviceVerificationParametersSafetyNet nonce:bytes = FirebaseDeviceVerificationParameters;
 
-//@description Device verification must be performed with the Play Integrity API
+//@description Device verification must be performed with the classic Play Integrity verification (https://developer.android.com/google/play/integrity/classic)
 //@nonce Base64url-encoded nonce to pass to the Play Integrity API
 //@cloud_project_number Cloud project number to pass to the Play Integrity API
 firebaseDeviceVerificationParametersPlayIntegrity nonce:string cloud_project_number:int64 = FirebaseDeviceVerificationParameters;
@@ -7362,9 +7362,10 @@ updateFileRemovedFromDownloads file_id:int32 counts:downloadedFileCounts = Updat
 //@description A request can't be completed unless application verification is performed; for official mobile applications only.
 //-The method setApplicationVerificationToken must be called once the verification is completed or failed
 //@verification_id Unique identifier for the verification process
-//@nonce Unique nonce for the classic Play Integrity verification (https://developer.android.com/google/play/integrity/classic) for Android,
+//@nonce Unique base64url-encoded nonce for the classic Play Integrity verification (https://developer.android.com/google/play/integrity/classic) for Android,
 //-or a unique string to compare with verify_nonce field from a push notification for iOS
-updateApplicationVerificationRequired verification_id:int53 nonce:string = Update;
+//@cloud_project_number Cloud project number to pass to the Play Integrity API on Android
+updateApplicationVerificationRequired verification_id:int53 nonce:string cloud_project_number:int64 = Update;
 
 //@description New call was created or information about a call was updated @call New data about a call
 updateCall call:call = Update;
diff --git a/td/telegram/net/NetQueryVerifier.cpp b/td/telegram/net/NetQueryVerifier.cpp
index 12dae68ac..79569c3f7 100644
--- a/td/telegram/net/NetQueryVerifier.cpp
+++ b/td/telegram/net/NetQueryVerifier.cpp
@@ -12,6 +12,7 @@
 #include "td/telegram/td_api.h"
 #include "td/telegram/telegram_api.h"
 
+#include "td/utils/base64.h"
 #include "td/utils/common.h"
 #include "td/utils/Slice.h"
 #include "td/utils/Status.h"
@@ -24,7 +25,22 @@ void NetQueryVerifier::verify(NetQueryPtr query, string nonce) {
   CHECK(query->is_ready());
   CHECK(query->is_error());
 
-  if (!check_utf8(nonce)) {
+  int64 cloud_project_number = 0;
+  auto status = [&] {
+    if (!check_utf8(nonce)) {
+      return Status::Error(400, "Invalid encoding");
+    }
+#if TD_ANDROID
+    string cloud_project_number_str;
+    std::tie(cloud_project_number_str, nonce) = split(nonce, '_');
+    TRY_RESULT_ASSIGN(cloud_project_number, to_integer_safe<int64>(cloud_project_number_str));
+    TRY_RESULT_ASSIGN(nonce, hex_decode(nonce));
+    nonce = base64url_encode(nonce);
+#endif
+    return Status::OK();
+  }();
+  if (status.is_error()) {
+    LOG(ERROR) << "Receive " << status;
     query->set_error(Status::Error(400, "Invalid verification nonce"));
     G()->net_query_dispatcher().dispatch(std::move(query));
     return;
@@ -33,8 +49,9 @@ void NetQueryVerifier::verify(NetQueryPtr query, string nonce) {
   auto query_id = next_query_id_++;
   queries_.emplace(query_id, std::make_pair(std::move(query), nonce));
 
-  send_closure(G()->td(), &Td::send_update,
-               td_api::make_object<td_api::updateApplicationVerificationRequired>(query_id, nonce));
+  send_closure(
+      G()->td(), &Td::send_update,
+      td_api::make_object<td_api::updateApplicationVerificationRequired>(query_id, nonce, cloud_project_number));
 }
 
 void NetQueryVerifier::set_verification_token(int64 query_id, string &&token, Promise<Unit> &&promise) {